That is neat info.
In your opinion, why on earth would the DHS provide an example of malicious software in their report, when it is (seemingly) so easily identified as a generic non-Russian-government source, particularly without disclosing the significance of why this source would be included in the report when it is not of Russian origin?
As a side note, in the original JAR report, I found this sentence particularly entertaining (being in the technical fields myself, I have become pretty good at recognizing bullshit tech speak, and this is how you do it -- not even very well):
"In spring 2016, APT28 compromised the same political party, again via targeted spearphishing.
This time, the spearphishing email tricked recipients into changing their passwords through a
fake webmail domain hosted on APT28 operational infrastructure. Using the harvested
credentials, APT28 was able to gain access and steal content, likely leading to the exfiltration of
information from multiple senior party members. The U.S. Government assesses that information
was leaked to the press and publicly disclosed."
... basically, just a giant word salad saying that someone got fooled by a really simple trick that a 14-year-old could have done and they have absolutely no proof (nor is it possible to provide proof) that this was the source of WikiLeaks emails. Lol.